Setting up a buffer overflow learning environment
I am currently reading several security books (my passion) regarding secure programming; however, the distros they provide on disc are either faulty or non-existent.
Books: Hacking: The Art of Exploitation, 2nd Ed.; Gray Hat Hacking, 2nd Ed.
The issue is that when I try to follow the examples, obviously newer distros have stack protection and other security features implemented to prevent these situations, and I have tried to manually set up the environment provided with Hacking: The Art of Exploitation, but I have failed.
Also I have tried DVL (Damn Vulnerable Linux), but it's way too bloated; I just want a minimal environment that I can have in a small partition and choose from the bootloader, OR have in a small VirtualBox.
So my question is this: how do I go about setting up an environment (distro, old kernel) that I can follow most of these examples in? Possibly if someone could tell me the kernel and GCC version of DVL, I could get most of it set up myself.
You need to rebuild the kernel without stack and heap protections, including the non-executable stack. You then need to compile using gcc flags to turn off the protections, one of which would be "-fno-stack-protector". Also, because you will run into it soon enough, you probably want to statically compile your program, because it will be a bit easier to understand it when you are debugging into your 0x41414141 payload.
Also, depending on your definition of "bloat", it might be easiest to just download an older Linux distro, Red Hat 5 or an old Slackware, and install and use that with the default toolchain.
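One thing the answer above leaves to the reader is checking that the toolchain flags actually took effect before spending hours on a payload. The script below is an added example, not code from the original answer or from any of the books: it parses the text output of GNU binutils `readelf` and reports whether a binary still has a non-executable stack (the GNU_STACK segment flags), a stack canary (a reference to `__stack_chk_fail`) and PIE (ELF type DYN). The embedded `readelf` outputs are constructed samples, not captured from DVL or any real binary; the gcc/ld flags named in the comments (`-fno-stack-protector`, `-z execstack`, `-no-pie`) are the standard ones, of which the answer only names the first.

```python
"""Check whether a compiled test program still carries the protections the
book examples assume are absent. Parses the text output of GNU binutils
readelf (-lW program headers, -sW symbols, -h ELF header). The sample
outputs below are constructed for offline use, not captured from DVL."""
import re
import shutil
import subprocess

# Flag token ("RW", "RWE", "R E" ...) followed by the trailing Align column.
FLAGS_RE = re.compile(r"\s([RWE]{1,3})\s+0x[0-9a-fA-F]+\s*$")


def gnu_stack_executable(program_headers: str) -> bool:
    """True if the GNU_STACK segment carries the E flag, i.e. stack pages are
    mapped executable (what gcc's `-z execstack` requests)."""
    lines = program_headers.splitlines()
    for i, line in enumerate(lines):
        if line.strip().startswith("GNU_STACK"):
            # Wide (-W) and 32-bit output keep the flags on the same line;
            # narrow 64-bit output wraps them onto a continuation line.
            match = FLAGS_RE.search(line.rstrip())
            if not match and i + 1 < len(lines):
                match = FLAGS_RE.search(line.rstrip() + " " + lines[i + 1].rstrip())
            return match is not None and "E" in match.group(1)
    # No GNU_STACK header at all: historically the kernel then falls back to
    # an executable stack, so report it as executable.
    return True


def has_stack_protector(symbols: str) -> bool:
    """True if the binary references __stack_chk_fail, the function gcc's
    canary check calls; `-fno-stack-protector` removes it."""
    return re.search(r"\b__stack_chk_fail\b", symbols) is not None


def is_pie(elf_header: str) -> bool:
    """True if the ELF type is DYN, a position-independent executable whose
    code is relocated under ASLR; `-no-pie` produces type EXEC."""
    match = re.search(r"^\s*Type:\s+(\w+)", elf_header, re.MULTILINE)
    return match is not None and match.group(1) == "DYN"


def classify(program_headers: str, symbols: str, elf_header: str) -> dict:
    """Summarise the three checks; all False means the binary looks like what
    the book-era toolchain produced."""
    return {
        "nx_stack": not gnu_stack_executable(program_headers),
        "stack_protector": has_stack_protector(symbols),
        "pie": is_pie(elf_header),
    }


def inspect_binary(path: str) -> dict:
    """Run readelf on a real file (needs binutils on PATH)."""
    if shutil.which("readelf") is None:
        raise RuntimeError("readelf not found; install binutils")

    def run(*args):
        return subprocess.run(["readelf", *args, path], check=True,
                              capture_output=True, text=True).stdout

    return classify(run("-lW"), run("-sW"), run("-h"))


# Constructed sample: the shape of a default modern gcc build.
HARDENED_HEADERS = """Program Headers:
  Type           Offset   VirtAddr           PhysAddr           FileSiz  MemSiz   Flg Align
  LOAD           0x000000 0x0000000000000000 0x0000000000000000 0x000628 0x000628 R   0x1000
  GNU_STACK      0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RW  0x10
"""
HARDENED_SYMBOLS = """Symbol table '.dynsym' contains 7 entries:
   Num:    Value          Size Type    Bind   Vis      Ndx Name
     2: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND __stack_chk_fail@GLIBC_2.4 (2)
     3: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND strcpy@GLIBC_2.2.5 (3)
"""
HARDENED_ELF_HEADER = """ELF Header:
  Class:                             ELF64
  Type:                              DYN (Position-Independent Executable file)
"""

# Constructed sample: a 32-bit build with -fno-stack-protector -z execstack
# -no-pie, the shape the book exercises expect.
LAB_HEADERS = """Program Headers:
  Type           Offset   VirtAddr   PhysAddr   FileSiz MemSiz  Flg Align
  LOAD           0x000000 0x08048000 0x08048000 0x00510 0x00510 R E 0x1000
  GNU_STACK      0x000000 0x00000000 0x00000000 0x00000 0x00000 RWE 0x4
"""
LAB_SYMBOLS = """Symbol table '.dynsym' contains 5 entries:
   Num:    Value  Size Type    Bind   Vis      Ndx Name
     1: 00000000     0 FUNC    GLOBAL DEFAULT  UND strcpy@GLIBC_2.0 (2)
     2: 00000000     0 FUNC    GLOBAL DEFAULT  UND puts@GLIBC_2.0 (2)
"""
LAB_ELF_HEADER = """ELF Header:
  Class:                             ELF32
  Type:                              EXEC (Executable file)
"""

if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        print(inspect_binary(sys.argv[1]))  # e.g. python3 check.py ./vuln
    else:
        print("hardened:", classify(HARDENED_HEADERS, HARDENED_SYMBOLS, HARDENED_ELF_HEADER))
        print("lab:", classify(LAB_HEADERS, LAB_SYMBOLS, LAB_ELF_HEADER))
```

Run it against the binary you just compiled; if any of the three values comes back True, the corresponding flag or kernel setting has not taken effect and the book's walkthrough will diverge from what you see in the debugger. A static build (`-static`, as the answer suggests) changes the symbol listing but not these three checks.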
If you still have DVL available, you can use the commands:
to find out for yourself.
Edit: according to distrowatch.com, the Linux kernel is 2.6.20 and gcc is 3.4.6.
There is an article on the sevagas website that is related to your question:
How-to set up a buffer overflow testing environment